[wp-trac] [WordPress Trac] #35715: edit_user() doesn't check for empty password (pass1).
WordPress Trac
noreply at wordpress.org
Tue Mar 22 23:11:26 UTC 2016
#35715: edit_user() doesn't check for empty password (pass1).
-------------------------------------------------+-------------------------
Reporter: gitlost | Owner: ocean90
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.5
Component: Users | Version: 4.4
Severity: normal | Resolution: fixed
Keywords: good-first-bug has-patch has- | Focuses:
screenshots |
-------------------------------------------------+-------------------------
Comment (by ocean90):
So, after 7 weeks we're back to comment:1. :-)
Replying to [comment:6 wesleye]:
> The only thing I'm woried about is that the function will fail if the
passwords have been set to 0. This was also the case with the original
code, so I've not added code to fix this. Is this something we want?
This part was excluded from [37059]. Since there a few `empty()` checks
through the codebase, including the login form, it makes sense to open a
new ticket for this. Although I'm not sure if it's really worth the
effort. Is there a real use case for it?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35715#comment:27>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list